Re: Email Spam a bit of Hell

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 57883
interpreted = N
texte = Alex, we just had a similar even about 2 weeks ago. We use SIMS and there are some vulnerabilities that we discovered. We had to close down ALL client ip's.. meaning any machine that used or mail server to forward mail had to be redirected to a different outgoing SMTP, and then we had to eliminate all the IP's from the list of computers which were allowed forwarding access to our mail server. Once that was done, things slowly improved. On May 17, 2004, at 1:43 PM, Alex McCombie wrote: > On 5/17/04 1:24 PM, "Sal" wrote: > >> Hi Alex, >> >> How are the connections to the SMTP allowed in the first place? >> Do you do any kind of SMTP Authentication? >> My server requires Authentication, IE username and password before the >> connection is established. > No we are talking incoming SMTP connections from legitimate email > servers in > order to deliver mail. > > For example: > Sal sends email to Alex@newworlmedia.com > He connects to his email server and it takes his mail. > His server then tries to connect to my server to check on the validity > of > the address and send email. > > My server is buried as it is fielding incoming connections from > thousands > (actually only a few at a time allowed) of servers trying to send mail > to > newworldmedia.com (all bounce backs due to some piece of #$%^ spammer). > > Maybe that makes more sense. > > Its just this simple. Spammers can setup their software to show > whatever > they want as a reply to address. (the world's most insecure > communication > medium). God help you if their spam campaign uses your domain as a > replyto: > and also is sent to hundreds or thousands or millions of emails (both > legitimate or malformed) because every last bounceback is coming your > way > and there is little to no way of stopping it short of disabling the MX > for > that domain. The action of mail servers bouncing back to the replyto > as a > matter of protocol is just plain stupid (at least in this age of spam) > > Nauseating. > > Alex > (ps.... Since moving the MX to a valid IP with no mail server my > system has > calmed down to a point of usability (or I wouldn't see these emails > from > SMSI). There are still tons of errors now refusing to relay as many > systems > still connect to the original IP but the local DNS sees a new ip to > deliver > to). > > By tomorrow it should all but be stopped but it came at the cost of > disabling a legitimate and important domain for email for 3-6 days by > the > time this is done. > > :-( > Alex > > > Alex J McCombie New World Media > Chief Information Officer Box 124 > 888/892.6379 MartVille, NY 13111 > Alex@NewWorldMedia.com http://OurClients.com > > Interface Designer WebDNA Programmer Database Designer > > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/ > ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Email Spam a bit of Hell ( Donovan Brooke 2004)
  2. Re: Email Spam a bit of Hell ( Alex McCombie 2004)
  3. Re: Email Spam a bit of Hell ( Donovan Brooke 2004)
  4. Re: Email Spam a bit of Hell ( Alex McCombie 2004)
  5. Re: Email Spam a bit of Hell ( Dylan Wood 2004)
  6. Re: Email Spam a bit of Hell ( "Sal" 2004)
  7. Re: Email Spam a bit of Hell ( Alex McCombie 2004)
  8. Re: Email Spam a bit of Hell ( Phil Herring 2004)
  9. Re: Email Spam a bit of Hell ( Alex McCombie 2004)
  10. Re: Email Spam a bit of Hell ( Alex McCombie 2004)
  11. Re: Email Spam a bit of Hell ( "Sal" 2004)
  12. Re: Email Spam a bit of Hell ( Alex McCombie 2004)
  13. Re: Email Spam a bit of Hell ( "Sal" 2004)
  14. Re: OT: Email Spam a bit of Hell ( Clint Davis 2004)
  15. OT: Email Spam a bit of Hell ( Alex McCombie 2004)
Alex, we just had a similar even about 2 weeks ago. We use SIMS and there are some vulnerabilities that we discovered. We had to close down ALL client ip's.. meaning any machine that used or mail server to forward mail had to be redirected to a different outgoing SMTP, and then we had to eliminate all the IP's from the list of computers which were allowed forwarding access to our mail server. Once that was done, things slowly improved. On May 17, 2004, at 1:43 PM, Alex McCombie wrote: > On 5/17/04 1:24 PM, "Sal" wrote: > >> Hi Alex, >> >> How are the connections to the SMTP allowed in the first place? >> Do you do any kind of SMTP Authentication? >> My server requires Authentication, IE username and password before the >> connection is established. > No we are talking incoming SMTP connections from legitimate email > servers in > order to deliver mail. > > For example: > Sal sends email to Alex@newworlmedia.com > He connects to his email server and it takes his mail. > His server then tries to connect to my server to check on the validity > of > the address and send email. > > My server is buried as it is fielding incoming connections from > thousands > (actually only a few at a time allowed) of servers trying to send mail > to > newworldmedia.com (all bounce backs due to some piece of #$%^ spammer). > > Maybe that makes more sense. > > Its just this simple. Spammers can setup their software to show > whatever > they want as a reply to address. (the world's most insecure > communication > medium). God help you if their spam campaign uses your domain as a > replyto: > and also is sent to hundreds or thousands or millions of emails (both > legitimate or malformed) because every last bounceback is coming your > way > and there is little to no way of stopping it short of disabling the MX > for > that domain. The action of mail servers bouncing back to the replyto > as a > matter of protocol is just plain stupid (at least in this age of spam) > > Nauseating. > > Alex > (ps.... Since moving the MX to a valid IP with no mail server my > system has > calmed down to a point of usability (or I wouldn't see these emails > from > SMSI). There are still tons of errors now refusing to relay as many > systems > still connect to the original IP but the local DNS sees a new ip to > deliver > to). > > By tomorrow it should all but be stopped but it came at the cost of > disabling a legitimate and important domain for email for 3-6 days by > the > time this is done. > > :-( > Alex > > > Alex J McCombie New World Media > Chief Information Officer Box 124 > 888/892.6379 MartVille, NY 13111 > Alex@NewWorldMedia.com http://OurClients.com > > Interface Designer WebDNA Programmer Database Designer > > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/ > ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Dylan Wood

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

WebCat2b13MacPlugIn - [include] doesn't allow creator (1997) WebCat2 - [include] tags (1997) FW: 2.01 upgrade problems (1997) WebCat B13 Mac CGI -- Frames question (1997) retain raw [cart] submitted value (2004) how to do [search] params on the fly? (2004) [math date] with non-US date format (2000) shipcost (1997) Date Sorting (1997) NT considerations (1997) Error Messages Returned to User (1997) Another strange one (2000) target=_blank and form variables (1997) WebCat2b13MacPlugIn - [showif][search][/showif] (1997) ListFiles and .DS_Store (2004) RE: WebDNA-Talk searchable? (1997) WebCatalog for guestbook ? (1997) Free shipping (2000) Upgrading old WebCat Database Files (1997) Db crash in win98 (2000)